With ever-increasing amounts of data traffic on modern computer networks, network monitoring and security measures play an increasingly important role in reducing the vulnerability of a network to intrusion, unauthorized access and other security or performance issues. Tools can be deployed in a computer network that process the network traffic and provide monitoring and security services. Examples of network tools include an intrusion detection system (IDS), an intrusion prevention system (IPS), a sniffer, a network monitoring system, an application monitoring system, a forensic storage system, an application security system, among others. However, tools are only as effective as the network traffic that they can see. Existing approaches involve deploying multiple editions of the same tool across a computer network to increase visibility of the network traffic. This approach can be expensive and difficult to scale and manage.
A network visibility node communicatively coupled between communicating nodes on a computer network can route packets to centralized tools for processing. To be more responsive to emerging security threats, many users of out-of-band tools that passively monitor traffic are moving to in-line deployments. In an in-line deployment, packets originating from one node on a computer network are routed through the tool before continuing on to another node on a computer network. In contrast, in an out-of-band deployment, copies of packets originating from one node are routed to the tool without passing the packet back to the network for transmission to an intended receiving node.